Undoubtedly, taking care of the WordPress login environment is crucial to keeping your site safe! WordPress establishes a series of default settings that end up being common/same for many installations.
In addition, it is important to keep in mind that attackers always test the platforms used by victims and thus end up knowing the entire standard structure of the website they intend to attack.
Taking this into account, any attacker or even user knows that the default address for the WordPress login page is websitename.com/wp-admin/
It is also possible to access using sitename.com/wp-login.php. In this special video, you will see how to protect your WordPress in 3 minutes with the WPS Hide Login plugin!
Plugin download link:
https://wordpress.org/plugins/wps-hide-login/